Use other hash than SHA-1

Raimar Sandner mail at 404not-found.de
Fri May 8 09:14:27 CEST 2009


On Friday 08 May 2009 02:09:31 David Shaw wrote:

> One fear that I've seen talked about for SHA-1 is that an attacker can
> create a duplicate document such that if you signed document or key A,
> they could come up with a document or key B that your signature would
> equally apply to.  That fear is more than a little overblown.  Even
> MD5 hasn't been broken to that extent.

http://eprint.iacr.org/2005/067.pdf

As far as I understand this paper, MD5 has been broken to that extent. For 
SHA1 you're still right of course.

Raimar
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20090508/9e3803cf/attachment.pgp>


More information about the Gnupg-users mailing list